CVE-2017-5534

Summary

The tibbr user profiles components of tibbr Community, and tibbr Enterprise expose a weakness in an improperly sandboxed third-party component. Affected releases are TIBCO Software Inc. tibbr Community 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0, tibbr Enterprise 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0.

Affected Software

VendorProductVersion RangeStatus
TIBCO Software Inc.tibbr Community5.2.1 and belowaffected
TIBCO Software Inc.tibbr Community6.0.0affected
TIBCO Software Inc.tibbr Community6.0.1affected
TIBCO Software Inc.tibbr Community7.0.0affected
TIBCO Software Inc.tibbr Enterprise5.2.1 and belowaffected
TIBCO Software Inc.tibbr Enterprise6.0.0affected
TIBCO Software Inc.tibbr Enterprise6.0.1affected
TIBCO Software Inc.tibbr Enterprise7.0.0affected

Weaknesses

  • The impact of this vulnerability includes the ability to execute arbitrary code with the privileges of the user that invoked the tibbr server.

ADP Enrichment

CVE Program Container

Additional References

References